Why we made this change

Visitors are allowed 3 free articles per month (without a subscription), and private browsing prevents us from counting how many stories you've read. We hope you understand, and consider subscribing for unlimited online access.

The FBI's Cybercrime Crackdown

A new breed of special agent is taking on high tech criminals.

To protect the classified information stored on her desktop computer, Special Agent Nenette Day uses one of the most powerful tools on the planet-an air gap.

Day points to an IBM ThinkPad resting on the table behind her desk. “That computer is hooked up to the Internet,” she says. “But if you break into it, have a good time: there’s no secret work on it.”

Two meters away on her desk sits Day’s other computer-a gray-and-chrome minitower emblazoned with a red sticker proclaiming that its hard drive is classified SECRET. “This,” she says protectively, “holds my e-mail.” Day readily talks about the ThinkPad, describing how she got it as part of a big purchase by the Federal Bureau of Investigation (FBI) a few years ago and explaining that it’s now somewhat out-of-date. And she happily shows off a collectible action figure-still in its display box-a colleague brought back from Belgium. It’s a “cyberagent” with a gun in one hand and a laptop computer in the other. But if you let your eyes drift back to that red sticker and try to copy the bold, black words printed on it, Day will throw you out of her office.

Day belongs to the FBI’s Boston Computer Crime Squad, one of 16 such units located throughout the United States. Each is composed of about 15 agents who investigate all manner of assaults on computers and networks-everything from lone-hacker to cyberterrorist attacks-with a dose of international espionage thrown in for good measure. Crimes range from Web site defacements and break-ins to so-called denial-of-service attacks, which prevent legitimate users from accessing targeted networks.

How to Catch a Cybercrook

The phone rings at the FBI Crime Squad and a “complaint agent” answers. Most calls are short, not too sweet, and not terribly satisfying for the person seeking help. “We get a lot of phone calls from people who say that somebody has hacked their home computer,” says Day. Others report death threats delivered in online chat rooms.

Unsettling as such events are for the victims, most callers are told that there’s nothing the FBI can do for them. For one thing, federal computer-crime statutes don’t even kick in unless there is at least $5,000 damage or an attack on a so-called “federal interest computer”-a broad category that includes computers owned by the federal government, as well as those involved in interstate banking, communications, or commerce. In places especially rife with computer crime, like New York City, the intervention bar is even higher.

Masked Men and Dead Ends

Day’s bust in the Bricsnet case was unusual for its speed and for the resulting conviction. That’s because many crimes are perpetrated with stolen usernames and passwords. In the Bricsnet case, for instance, McKenna had broken into the company’s computers using his former supervisor’s username and password.

The key to cracking the Bricsnet case was caller ID and automatic number identification (ANI), two technologies more and more Internet service providers are using to automatically record the phone numbers of people dialing up their servers. When a crime is committed over a telephone line, this information is invaluable.

Attack of the Grownups

The media frequently portray the typical computer criminal as a disaffected male youth, a computer wizard who lacks social skills. In the archetypal scene, FBI agents conduct a predawn raid: with their guns drawn, they arrest a teenager while his horrified parents look on. And in fact, Day says that as recently as five years ago, juveniles made up the majority of the perpetrators she encountered. They were teenagers who broke into Web sites that had little security, and their digital crowbars were tools that they downloaded freely from the Internet. These kids made no attempt to hide their success. Instead, they set up their own servers on the penetrated computers, bragged to their friends, and left behind lots of evidence of their misdeeds.

But such attacks are no longer the most important cases that Day’s office investigates. Recent years have brought “an interesting shift,” she says. Now she sees attackers breaking into computers that are supposedly protected by firewalls and security systems. These perpetrators-virtually all of them adults-mount extremely sophisticated attacks. They don’t brag, and they don’t leave obvious tracks. “It’s economic espionage,” Day concludes.

All in a Day’s Work

When Technology Review first approached the FBI about interviewing an agent of the computer crime squad, the idea was to write about an agent’s “average day.” The public affairs manager at the FBI’s Boston office nixed the idea: there are no average days for an FBI agent, she said. Indeed, Day says that one of the best things about her job is its endless variety.

“I might spend one day in trial preparation. I could spend an entire day milling through computer files doing evidence assessment. The next day I could be scheduled to testify in a trial. And last month I spent a couple weeks in Bangkok, Thailand, teaching police from 10 different Asian countries.” She spends some days on the phone, perhaps overseeing a new case coming in from a financial institution or phoning FBI headquarters with information that needs to be relayed to other field offices. A few days later she might be off to the range for weapons training. Agent Day carries a .40-caliber Glock 23 and assists on the occasional drug raid. “It is very long work, and it’s very hard,” she says about her job, “but it gives you something that you would never see in the private sector.”

Countdown to EmTech Digital 2019. Join us and be the AI leader your company needs.

Share

Simson L. Garfinkel is a computer security research scientist whose interests include digital forensics, security, personal information management, privacy, and terrorism. He holds six U.S. patents for his computer-related research, has published… More dozens of journal and conference papers in security and computer forensics, is the author or co-author of 14 books, and has started five companies.

The best of MIT Technology Review in print and online, plus unlimited access to our online archive, an ad-free web experience, discounts to MIT Technology Review events, and The Download delivered to your email in-box each weekday.

You've read
of three
free articles this month.
Subscribe now for unlimited online access.
You've read
of three
free articles this month.
Subscribe now for unlimited online access.
This is your last free article this month.
Subscribe now for unlimited online access.
You've read all your free articles this month.
Subscribe now for unlimited online access.
You've read
of three
free articles this month.
Log in for more, or subscribe now for unlimited online access.
Log in for two more free articles, or subscribe now
for unlimited online access.